The instructions on this page cover installation and configuration of the CoSign software on a web server.
If you want to install CoSign on Apache httpd, please follow the instructions on installing Cosign in Apache httpd.
If you want to install CoSign on Windows, please follow the instructions on installing Cosign in IIS.
If you want to install CoSign on a Tomcat web server, please follow the instructions on installing Cosign in Tomcat.
If you simply want to use CoSign functionality on a server that already has CoSign installed and configured, you should read the instructions on using CoSign.
CoSign is the Web Single Sign-On operated by ISS for use on central and departmental web servers and applications. Where possible, CoSign authenticates users (i.e. proves their identity) based on their existing credentials, so that no additional password prompts are necessary. Where this is not possible, either because there are no existing credentials, or because the browser is unable to pass them securely, the user will be prompted for his or her password just once per browser session, and the password will always be sent over a secure connection.
CoSign Web applications do not need to handle users' passwords; they are simply notified of the user's identity.
CoSign has been tested with a wide variety of browsers and operating systems, and is believed to operate correctly and securely in all circumstances.